apple_receipt 0.2.1 → 0.2.2
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/README.md +23 -12
- data/lib/apple_receipt/next_step_parser.rb +2 -1
- data/lib/apple_receipt/receipt_parser.rb +2 -2
- data/lib/apple_receipt/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7511e6788808d19d86cb23e8ea0d2e849d87456fb8610ef6a9f0f0767ab478f0
|
4
|
+
data.tar.gz: 25287ab80215937091d1c5c2daf7a8eec4bbaaca02fb76927a7f145d9f695c1d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 12c2d96e91980fc15ec79dd98078fb74cdc41ecb97789541af2727c1c6420449d1407e8b45195f19acebb9dcca7be19ad636906879292e437695f9a0717b5248
|
7
|
+
data.tar.gz: 003da0087b6ef41d040d7b0ecbb0b88288241cd73ceb897d368521133f5e0085987af5c063a137c44263ecbd35485733be29779668098ecd91619b4aa6150b05
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,10 @@
|
|
1
1
|
# Apple Receipt changelog
|
2
2
|
|
3
|
+
## v0.2.2
|
4
|
+
|
5
|
+
- Updated README to add information about validation [\#13](https://github.com/koenrh/apple_receipt/pull/13)
|
6
|
+
- Fixed snake case keys of 'purchase information' hash [\#11](https://github.com/koenrh/apple_receipt/pull/11)
|
7
|
+
|
3
8
|
## v0.2.1
|
4
9
|
|
5
10
|
- Fixed path to bundled certificates [\#10](https://github.com/koenrh/apple_receipt/pull/10)
|
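Review bot: The v0.2.2 entry "Fixed snake case keys of 'purchase information' hash" does not say which keys changed or what they were before, so a caller reading the hash by string key cannot tell from the changelog whether a lookup will now return nil. Since this ships as a patch release, list the affected keys (or link the before/after example in the README) and state plainly that the key names callers see have changed.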
data/README.md
CHANGED
@@ -7,7 +7,7 @@
|
|
7
7
|
This gem allows you to read and verify Apple receipts. It was originally built
|
8
8
|
to locally (server-side) verify the validity of receipts that are embedded in
|
9
9
|
[Status Update Notifications](https://developer.apple.com/library/content/documentation/NetworkingInternet/Conceptual/StoreKitGuide/Chapters/Subscriptions.html#//apple_ref/doc/uid/TP40008267-CH7-SW13).
|
10
|
-
These receipts have a different format than [documented](https://developer.apple.com/library/content/releasenotes/General/ValidateAppStoreReceipt/Chapters/ValidateLocally.html#//apple_ref/doc/uid/TP40010573-CH1-SW2)
|
10
|
+
These receipts have a different format than the [documented](https://developer.apple.com/library/content/releasenotes/General/ValidateAppStoreReceipt/Chapters/ValidateLocally.html#//apple_ref/doc/uid/TP40010573-CH1-SW2)
|
11
11
|
App Store receipts you might be familiar with, which are [PKCS #7](https://tools.ietf.org/html/rfc2315)
|
12
12
|
containers with a payload (receipt data) encoded using [ASN.1](https://www.itu.int/itu-t/recommendations/rec.aspx?rec=X.690).
|
13
13
|
|
@@ -46,21 +46,21 @@ receipt.valid?
|
|
46
46
|
receipt.purchase_info
|
47
47
|
# => {
|
48
48
|
# "quantity"=>"1",
|
49
|
-
# "
|
50
|
-
# "
|
51
|
-
# "
|
52
|
-
# "
|
53
|
-
# "
|
54
|
-
# "
|
55
|
-
# "
|
49
|
+
# "expires_date_formatted"=>"2018-01-23 17:03:44 Etc/GMT",
|
50
|
+
# "is_in_intro_offer_period"=>"false",
|
51
|
+
# "is_trial_period"=>"false",
|
52
|
+
# "item_id"=>"1190360447",
|
53
|
+
# "app_item_id"=>"947936149",
|
54
|
+
# "transaction_id"=>"160000408504141",
|
55
|
+
# "web_order_line_item_id"=>"160000011000001",
|
56
56
|
# "bid"=>"com.foo.bar",
|
57
|
-
# "
|
58
|
-
# "
|
59
|
-
# "
|
57
|
+
# "product_id"=>"com.foo.bar.monthly",
|
58
|
+
# "purchase_date"=>"2017-12-23 17:03:44 Etc/GMT",
|
59
|
+
# "original_purchase_date"=>"2017_12_23 17:03:53 Etc/GMT"
|
60
60
|
# }
|
61
61
|
```
|
62
62
|
|
63
|
-
##
|
63
|
+
## Receipts
|
64
64
|
|
65
65
|
A receipt is encoded as base64, and is formatted as a [NeXTSTEP](https://en.wikipedia.org/wiki/Property_list#NeXTSTEP)
|
66
66
|
dictionary:
|
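Review bot: In the updated `purchase_info` example, the last entry reads `"original_purchase_date"=>"2017_12_23 17:03:53 Etc/GMT"`, with underscores inside the date value, while `"purchase_date"` and `"expires_date_formatted"` in the same hash keep hyphens. This looks like the key rename was applied to a value as well. The value should presumably be `2017-12-23 17:03:53 Etc/GMT`; it is also worth confirming that the code change only rewrites keys and never values.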
@@ -104,6 +104,17 @@ Both certificates chain up to:
|
|
104
104
|
The `purchase-info` entry contains a base64-encoded NeXTSTEP dictionary that contains
|
105
105
|
the actual receipt data (purchase info).
|
106
106
|
|
107
|
+
## Validation
|
108
|
+
|
109
|
+
First, the signing certificate is parsed from the signature binary data. The
|
110
|
+
validation of the receipt works as follows.
|
111
|
+
|
112
|
+
1. Verify that the signing certificate is valid, i.e. it is not expired, and
|
113
|
+
it chains up to either of the bundled Apple root certificates.
|
114
|
+
2. Verify that the signature over the signed data (version number and receipt
|
115
|
+
data) is signed by the private key that correspond to the public key that is
|
116
|
+
in the signing certificate.
|
117
|
+
|
107
118
|
## Contributing
|
108
119
|
|
109
120
|
Bug reports and pull requests are welcome on [GitHub](https://github.com/koenrh/apple_receipt).
|
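Review bot: Step 1 of the new Validation section only requires the signing certificate to be unexpired and to chain up to one of the bundled Apple root certificates; it does not say whether the leaf is also checked to be a receipt-signing certificate rather than any certificate issued under those roots. If the code makes that check, document it here, and if it does not, say so, because readers will rely on this section to decide whether `valid?` is sufficient on its own. Two wording points: step 2 should read "corresponds to the public key", and the sentence "The validation of the receipt works as follows." belongs directly before the list rather than after the note about parsing the certificate.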
@@ -20,12 +20,12 @@ module AppleReceipt
|
|
20
20
|
def parse(input)
|
21
21
|
receipt_hash = NextStepParser.parse(input)
|
22
22
|
|
23
|
-
unless Set['signature', '
|
23
|
+
unless Set['signature', 'purchase_info'].subset?(receipt_hash.keys.to_set)
|
24
24
|
raise ArgumentError, 'Missing required fields'
|
25
25
|
end
|
26
26
|
|
27
27
|
signature_decoded = Base64.decode64(receipt_hash['signature'])
|
28
|
-
data_decoded = Base64.decode64(receipt_hash['
|
28
|
+
data_decoded = Base64.decode64(receipt_hash['purchase_info'])
|
29
29
|
|
30
30
|
version, signature, receipt_cert = read_signature(signature_decoded)
|
31
31
|
[version, signature, receipt_cert, data_decoded]
|
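Review bot: The required-field check and the lookup now use `'purchase_info'`, so `parse` depends on `NextStepParser.parse` having already normalised the key, while the README context above still describes the input entry as `purchase-info`. Add a test that feeds a receipt with the key as it appears on the wire and asserts that parsing succeeds, so a regression in the key normalisation surfaces as a test failure rather than as `ArgumentError, 'Missing required fields'` in production. Naming the missing field in that error message would also help when diagnosing a rejected receipt.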
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: apple_receipt
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Koen Rouwhorst
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-01
|
11
|
+
date: 2018-02-01 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: json
|